mirror of
https://github.com/cliffe/SecGen.git
synced 2026-02-20 13:50:45 +00:00
36 lines
1.2 KiB
XML
36 lines
1.2 KiB
XML
<?xml version="1.0"?>
|
|
|
|
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
|
|
<!-- an example remote storage system, with a remotely exploitable vulnerability that can then be escalated to root -->
|
|
<system>
|
|
<system_name>storage_server</system_name>
|
|
<base platform="linux"/>
|
|
|
|
<vulnerability module_path=".*parameterised_accounts">
|
|
<input into="accounts">
|
|
<!--When using the account encoder fill in all facts for now.-->
|
|
<encoder type="account">
|
|
<input into="username">
|
|
<value>scenario_username</value>
|
|
</input>
|
|
<input into="password">
|
|
<generator type="password_generator"/>
|
|
</input>
|
|
<input into="super_user">
|
|
<generator type="boolean_generator"/>
|
|
</input>
|
|
<input into="strings_to_leak">
|
|
<generator type="message_generator"/>
|
|
</input>
|
|
<input into="leaked_filename">
|
|
<generator module_path="generators/filenames/leaked_filename"/>
|
|
</input>
|
|
</encoder>
|
|
</input>
|
|
</vulnerability>
|
|
<network type="private_network" range="dhcp"/>
|
|
</system>
|
|
</scenario>
|